Add thumbprint support in XCertificate.

Issue number:
Submitted by:
Reviewed by:

xmlsecurity/inc/xmlsecurity/sigstruct.hxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: sigstruct.hxx,v $
  *
- *  $Revision: 1.1.1.1 $
+ *  $Revision: 1.2 $
  *
- *  last change: $Author: mt $ $Date: 2004-07-12 13:15:20 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:08 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -78,6 +78,13 @@
 #define STATUS_VERIFY_SUCCEED       3
 #define STATUS_VERIFY_FAIL      4
 
+/*
+ * type of reference
+ */
+#define TYPE_SAMEDOCUMENT_REFERENCE 1
+#define TYPE_BINARYSTREAM_REFERENCE 2
+#define TYPE_XMLSTREAM_REFERENCE    3
+
 struct SignatureReferenceInformation
 {
     sal_Int32       nType;

xmlsecurity/source/helper/xsecctl.cxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: xsecctl.cxx,v $
  *
- *  $Revision: 1.1.1.1 $
+ *  $Revision: 1.2 $
  *
- *  last change: $Author: mt $ $Date: 2004-07-12 13:15:22 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:08 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -1018,7 +1018,7 @@ void XSecController::exportSignature(
                 const SignatureReferenceInformation& refInfor = vReferenceInfors[j];
 
                 pAttributeList = new SvXMLAttributeList();
-                if ( refInfor.nType != 1 )
+                if ( refInfor.nType != TYPE_SAMEDOCUMENT_REFERENCE )
                 /*
                  * stream reference
                  */
@@ -1040,7 +1040,7 @@ void XSecController::exportSignature(
                 xDocumentHandler->startElement( tag_Reference, cssu::Reference< cssxs::XAttributeList > (pAttributeList) );
                 {
                     /* Write Transforms element */
-                    if (refInfor.nType == 3)
+                    if (refInfor.nType == TYPE_XMLSTREAM_REFERENCE)
                     /*
                      * xml stream, so c14n transform is needed
                      */

xmlsecurity/source/helper/xsecsign.cxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: xsecsign.cxx,v $
  *
- *  $Revision: 1.2 $
+ *  $Revision: 1.3 $
  *
- *  last change: $Author: mt $ $Date: 2004-07-14 11:05:46 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:09 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -207,7 +207,7 @@ cssu::Reference< cssxc::sax::XReferenceResolvedListener > XSecController::prepar
     {
         internalSignatureInfor.signatureInfor.ouSignatureId = createId();
         internalSignatureInfor.signatureInfor.ouPropertyId = createId();
-        internalSignatureInfor.addReference(1, internalSignatureInfor.signatureInfor.ouPropertyId, -1 );
+        internalSignatureInfor.addReference(TYPE_SAMEDOCUMENT_REFERENCE, internalSignatureInfor.signatureInfor.ouPropertyId, -1 );
         size++;
     }
 
@@ -245,19 +245,19 @@ void XSecController::collectToSign( sal_Int32 securityId, const rtl::OUString& r
         if ( index == -1 )
         {
             InternalSignatureInformation isi(securityId, NULL);
-            isi.addReference(1, referenceId, nKeeperId );
+            isi.addReference(TYPE_SAMEDOCUMENT_REFERENCE, referenceId, nKeeperId );
             m_vInternalSignatureInformations.push_back( isi );
         }
         else
         {
-            m_vInternalSignatureInformations[index].addReference(1, referenceId, nKeeperId );
+            m_vInternalSignatureInformations[index].addReference(TYPE_SAMEDOCUMENT_REFERENCE, referenceId, nKeeperId );
         }
     }
 }
 
 void XSecController::signAStream( sal_Int32 securityId, const rtl::OUString& uri, const rtl::OUString& objectURL, sal_Bool isBinary)
 {
-        sal_Int32 type = ((isBinary==sal_True)?2:3);
+        sal_Int32 type = ((isBinary==sal_True)?TYPE_BINARYSTREAM_REFERENCE:TYPE_XMLSTREAM_REFERENCE);
 
     int index = findSignatureInfor( securityId );
 

xmlsecurity/source/helper/xsecverify.cxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: xsecverify.cxx,v $
  *
- *  $Revision: 1.1.1.1 $
+ *  $Revision: 1.2 $
  *
- *  last change: $Author: mt $ $Date: 2004-07-12 13:15:22 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:09 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -156,14 +156,14 @@ void XSecController::addSignature()
 void XSecController::addReference( const rtl::OUString& ouUri)
 {
     InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
-    isi.addReference(1,ouUri, -1 );
+    isi.addReference(TYPE_SAMEDOCUMENT_REFERENCE,ouUri, -1 );
 }
 
 void XSecController::addStreamReference(
     const rtl::OUString& ouUri,
     bool isBinary )
 {
-        sal_Int32 type = (isBinary?2:3);
+        sal_Int32 type = (isBinary?TYPE_BINARYSTREAM_REFERENCE:TYPE_XMLSTREAM_REFERENCE);
 
     InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
 
@@ -199,7 +199,7 @@ void XSecController::setReferenceCount() const
 
         for(int i=0 ; i<refNum; ++i)
         {
-            if (refInfors[i].nType == 1 )
+            if (refInfors[i].nType == TYPE_SAMEDOCUMENT_REFERENCE )
             /*
              * same-document reference
              */

xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: x509certificate_mscryptimpl.cxx,v $
  *
- *  $Revision: 1.3 $
+ *  $Revision: 1.4 $
  *
- *  last change: $Author: mmi $ $Date: 2004-07-14 10:28:28 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:09 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -410,6 +410,27 @@ X509Certificate_MSCryptImpl* X509Certificate_MSCryptImpl :: getImplementation( c
     return OUString() ;
 }
 
+::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(const CERT_CONTEXT* pCertContext, DWORD dwPropId)
+{
+    if( pCertContext != NULL )
+    {
+        DWORD cbData;
+        unsigned char fingerprint[20];
+        if (CertGetCertificateContextProperty(pCertContext, dwPropId, (void*)fingerprint, &cbData))
+        {
+            Sequence< sal_Int8 > thumbprint( cbData ) ;
+            for( unsigned int i = 0 ; i < cbData ; i ++ )
+            {
+                thumbprint[i] = fingerprint[i];
+            }
+
+            return thumbprint;
+        }
+    }
+
+    return NULL;
+}
+
 ::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getSubjectPublicKeyAlgorithm()
     throw ( ::com::sun::star::uno::RuntimeException)
 {
@@ -459,19 +480,16 @@ X509Certificate_MSCryptImpl* X509Certificate_MSCryptImpl :: getImplementation( c
     }
 }
 
-::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getThumbprintAlgorithm()
+::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getSHA1Thumbprint()
     throw ( ::com::sun::star::uno::RuntimeException)
 {
-    //MM : dummy
+    return getThumbprint(m_pCertContext, CERT_SHA1_HASH_PROP_ID);
-    return OUString();
 }
 
-::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getThumbprint()
+::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getMD5Thumbprint()
     throw ( ::com::sun::star::uno::RuntimeException)
 {
-    //MM : dummy
+    return getThumbprint(m_pCertContext, CERT_MD5_HASH_PROP_ID);
-    return NULL ;
 }
-
 // MM : end
 

xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: x509certificate_mscryptimpl.hxx,v $
  *
- *  $Revision: 1.2 $
+ *  $Revision: 1.3 $
  *
- *  last change: $Author: mmi $ $Date: 2004-07-14 08:12:26 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:09 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -141,14 +141,13 @@ class X509Certificate_MSCryptImpl : public ::cppu::WeakImplHelper2<
         virtual ::rtl::OUString SAL_CALL getSignatureAlgorithm()
             throw ( ::com::sun::star::uno::RuntimeException) ;
 
-        virtual ::rtl::OUString SAL_CALL getThumbprintAlgorithm()
+        virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSHA1Thumbprint()
             throw ( ::com::sun::star::uno::RuntimeException) ;
 
-        virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getThumbprint()
+        virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getMD5Thumbprint()
             throw ( ::com::sun::star::uno::RuntimeException) ;
         // MM : end
 
-
         //Methods from XUnoTunnel
         virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) throw (com::sun::star::uno::RuntimeException);
 

xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: x509certificate_nssimpl.cxx,v $
  *
- *  $Revision: 1.2 $
+ *  $Revision: 1.3 $
  *
- *  last change: $Author: mmi $ $Date: 2004-07-14 08:12:26 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:09 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -80,7 +80,9 @@
 #include "secder.h"
 
 //MM : added by MM
+#include "hasht.h"
 #include "secoid.h"
+#include "pk11func.h"
 //MM : end
 
 
@@ -374,6 +376,36 @@ X509Certificate_NssImpl* X509Certificate_NssImpl :: getImplementation( const Ref
     return rtl::OUString::createFromAscii( pDesc ) ;
 }
 
+::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(CERTCertificate *pCert, SECOidTag id)
+{
+    if( pCert != NULL )
+    {
+        unsigned char fingerprint[20];
+        char *fpStr = NULL;
+        SECItem fpItem;
+        int length = ((id == SEC_OID_MD5)?MD5_LENGTH:SHA1_LENGTH);
+
+        memset(fingerprint, 0, sizeof fingerprint);
+        PK11_HashBuf(id, fingerprint, pCert->derCert.data, pCert->derCert.len);
+        fpItem.data = fingerprint;
+        fpItem.len = length;
+        fpStr = CERT_Hexify(&fpItem, 1);
+
+        Sequence< sal_Int8 > thumbprint( length ) ;
+        for( int i = 0 ; i < length ; i ++ )
+        {
+            thumbprint[i] = fingerprint[i];
+        }
+
+        PORT_Free(fpStr);
+        return thumbprint;
+    }
+    else
+    {
+        return NULL;
+    }
+}
+
 ::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyAlgorithm()
     throw ( ::com::sun::star::uno::RuntimeException)
 {
@@ -423,19 +455,16 @@ X509Certificate_NssImpl* X509Certificate_NssImpl :: getImplementation( const Ref
     }
 }
 
-::rtl::OUString SAL_CALL X509Certificate_NssImpl::getThumbprintAlgorithm()
+::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSHA1Thumbprint()
     throw ( ::com::sun::star::uno::RuntimeException)
 {
-    //MM : dummy
+    return getThumbprint(m_pCert, SEC_OID_SHA1);
-    return OUString();
 }
 
-::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getThumbprint()
+::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getMD5Thumbprint()
     throw ( ::com::sun::star::uno::RuntimeException)
 {
-    //MM : dummy
+    return getThumbprint(m_pCert, SEC_OID_MD5);
-    return NULL ;
 }
-
 // MM : end
 

xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: x509certificate_nssimpl.hxx,v $
  *
- *  $Revision: 1.2 $
+ *  $Revision: 1.3 $
  *
- *  last change: $Author: mmi $ $Date: 2004-07-14 08:12:26 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:10 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -140,10 +140,10 @@ class X509Certificate_NssImpl : public ::cppu::WeakImplHelper2<
         virtual ::rtl::OUString SAL_CALL getSignatureAlgorithm()
             throw ( ::com::sun::star::uno::RuntimeException) ;
 
-        virtual ::rtl::OUString SAL_CALL getThumbprintAlgorithm()
+        virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSHA1Thumbprint()
             throw ( ::com::sun::star::uno::RuntimeException) ;
 
-        virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getThumbprint()
+        virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getMD5Thumbprint()
             throw ( ::com::sun::star::uno::RuntimeException) ;
         // MM : end
 

xmlsecurity/tools/demo/multisigdemo.cxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: multisigdemo.cxx,v $
  *
- *  $Revision: 1.1.1.1 $
+ *  $Revision: 1.2 $
  *
- *  last change: $Author: mt $ $Date: 2004-07-12 13:15:30 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:10 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -184,7 +184,7 @@ int SAL_CALL main( int argc, char **argv )
     /*
      * creates signature
      */
-    bDone = aSignatureHelper.CreateAndWriteSignatue( xOutputStream );
+    bDone = aSignatureHelper.CreateAndWriteSignature( xOutputStream );
     if ( !bDone )
     {
         fprintf( stderr, "Error creating Signature!\n" );
@@ -216,7 +216,7 @@ int SAL_CALL main( int argc, char **argv )
     xLockBytes = new SvLockBytes( pStream, TRUE );
     xInputStream = new utl::OInputStreamHelper( xLockBytes, nBytes );
 
-    bDone = aSignatureHelper.ReadAndVerifySignatue( xInputStream );
+    bDone = aSignatureHelper.ReadAndVerifySignature( xInputStream );
     xInputStream->closeInput();
 
     if ( !bDone )
@@ -269,7 +269,7 @@ int SAL_CALL main( int argc, char **argv )
     xDocumentHandler = aSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream);
 
     aSignatureHelper.ExportSignature( xDocumentHandler, signatureInformations[0]);
-    bDone = aSignatureHelper.CreateAndWriteSignatue( xDocumentHandler );
+    bDone = aSignatureHelper.CreateAndWriteSignature( xDocumentHandler );
     aSignatureHelper.ExportSignature( xDocumentHandler, signatureInformations[1]);
     aSignatureHelper.CloseDocumentHandler( xDocumentHandler);
 
@@ -297,7 +297,7 @@ int SAL_CALL main( int argc, char **argv )
     xLockBytes = new SvLockBytes( pStream, TRUE );
     xInputStream = new utl::OInputStreamHelper( xLockBytes, nBytes );
 
-    bDone = aSignatureHelper.ReadAndVerifySignatue( xInputStream );
+    bDone = aSignatureHelper.ReadAndVerifySignature( xInputStream );
     xInputStream->closeInput();
 
     if ( !bDone )
@@ -328,7 +328,7 @@ int SAL_CALL main( int argc, char **argv )
     xLockBytes = new SvLockBytes( pStream, TRUE );
     xInputStream = new utl::OInputStreamHelper( xLockBytes, nBytes );
 
-    bDone = aSignatureHelper.ReadAndVerifySignatue( xInputStream );
+    bDone = aSignatureHelper.ReadAndVerifySignature( xInputStream );
     xInputStream->closeInput();
 
     if ( !bDone )

xmlsecurity/tools/demo/signdemo.cxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: signdemo.cxx,v $
  *
- *  $Revision: 1.1.1.1 $
+ *  $Revision: 1.2 $
  *
- *  last change: $Author: mt $ $Date: 2004-07-12 13:15:30 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:10 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -199,7 +199,7 @@ int SAL_CALL main( int argc, char **argv )
     /*
      * creates signature
      */
-    bool bDone = aSignatureHelper.CreateAndWriteSignatue( xOutputStream );
+    bool bDone = aSignatureHelper.CreateAndWriteSignature( xOutputStream );
 
     if ( !bDone )
     {

xmlsecurity/tools/demo/util.cxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: util.cxx,v $
  *
- *  $Revision: 1.2 $
+ *  $Revision: 1.3 $
  *
- *  last change: $Author: mmi $ $Date: 2004-07-14 08:12:30 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:10 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -67,6 +67,21 @@
 namespace cssu = com::sun::star::uno;
 namespace cssl = com::sun::star::lang;
 
+::rtl::OUString printHexString(cssu::Sequence< sal_Int8 > data)
+{
+    int length = data.getLength();
+    ::rtl::OUString result;
+
+    char number[4];
+    for (int j=0; j<length; j++)
+    {
+        sprintf(number, "%02X ", (unsigned char)data[j]);
+        result += rtl::OUString::createFromAscii( number );
+    }
+
+    return result;
+}
+
 cssu::Reference< cssl::XMultiServiceFactory > serviceManager(
     cssu::Reference< cssu::XComponentContext > &xContext,
     rtl::OUString sUnoUrl,
@@ -189,17 +204,18 @@ cssu::Reference< cssl::XMultiServiceFactory > serviceManager(
                     result += xCertPath[i]->getSubjectPublicKeyAlgorithm();
                     result += rtl::OUString::createFromAscii( "\n    Signature algorithm : " );
                     result += xCertPath[i]->getSignatureAlgorithm();
+
                     result += rtl::OUString::createFromAscii( "\n    Subject public key value : " );
-
                     cssu::Sequence< sal_Int8 > keyValue = xCertPath[i]->getSubjectPublicKeyValue();
-            int length = keyValue.getLength();
+                    result += printHexString(keyValue);
 
-            char number[64];
+                    result += rtl::OUString::createFromAscii( "\n    Thumbprint (SHA1) : " );
-                    for (int j=0; j<length; j++)
+                    cssu::Sequence< sal_Int8 > SHA1Thumbprint = xCertPath[i]->getSHA1Thumbprint();
-                    {
+                    result += printHexString(SHA1Thumbprint);
-                        sprintf(number, "%02X ", (unsigned char)keyValue[j]);
+
-                        result += rtl::OUString::createFromAscii( number );
+                    result += rtl::OUString::createFromAscii( "\n    Thumbprint (MD5) : " );
-                    }
+                    cssu::Sequence< sal_Int8 > MD5Thumbprint = xCertPath[i]->getMD5Thumbprint();
+                    result += printHexString(MD5Thumbprint);
 
                     result += rtl::OUString::createFromAscii( "\n  <<\n" );
         }

xmlsecurity/tools/demo/verifydemo.cxx

@@ -2,9 +2,9 @@
  *
  *  $RCSfile: verifydemo.cxx,v $
  *
- *  $Revision: 1.1.1.1 $
+ *  $Revision: 1.2 $
  *
- *  last change: $Author: mt $ $Date: 2004-07-12 13:15:30 $
+ *  last change: $Author: mmi $ $Date: 2004-07-15 08:12:10 $
  *
  *  The Contents of this file are made available subject to the terms of
  *  either of the following licenses
@@ -151,7 +151,7 @@ int SAL_CALL main( int argc, char **argv )
     /*
      * verifies the signature
      */
-    bool bDone = aSignatureHelper.ReadAndVerifySignatue( xInputStream );
+    bool bDone = aSignatureHelper.ReadAndVerifySignature( xInputStream );
 
     /*
      * closes the signature stream